{"id":"https://openalex.org/W3217438801","doi":"https://doi.org/10.1109/csnet52717.2021.9614275","title":"Incremental code updates exploitation as a basis for return oriented programming attacks on resource-constrained devices","display_name":"Incremental code updates exploitation as a basis for return oriented programming attacks on resource-constrained devices","publication_year":2021,"publication_date":"2021-10-12","ids":{"openalex":"https://openalex.org/W3217438801","doi":"https://doi.org/10.1109/csnet52717.2021.9614275","mag":"3217438801"},"language":"en","primary_location":{"id":"doi:10.1109/csnet52717.2021.9614275","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csnet52717.2021.9614275","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 5th Cyber Security in Networking Conference (CSNet)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5088070468","display_name":"AbdElaziz Saad AbdElaziz AbdElaal","orcid":null},"institutions":[{"id":"https://openalex.org/I51783024","display_name":"Brandenburg University of Technology Cottbus-Senftenberg","ror":"https://ror.org/02wxx3e24","country_code":"DE","type":"education","lineage":["https://openalex.org/I51783024"]},{"id":"https://openalex.org/I92894754","display_name":"Leibniz Institute for High Performance Microelectronics","ror":"https://ror.org/0489gab80","country_code":"DE","type":"facility","lineage":["https://openalex.org/I315704651","https://openalex.org/I92894754"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"AbdElaziz Saad AbdElaziz AbdElaal","raw_affiliation_strings":["Brandenburgische Technische Universit\u00e4t Cottbus-Senftenberg, Cottbus, Germany","IHP - Leibniz-Institut f\u00f6r innovative Mikroelektronik, Frankfurt (Oder), Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Brandenburgische Technische Universit\u00e4t Cottbus-Senftenberg, Cottbus, Germany","institution_ids":["https://openalex.org/I51783024"]},{"raw_affiliation_string":"IHP - Leibniz-Institut f\u00f6r innovative Mikroelektronik, Frankfurt (Oder), Germany","institution_ids":["https://openalex.org/I92894754"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086912004","display_name":"Kai Lehniger","orcid":"https://orcid.org/0000-0002-3274-2469"},"institutions":[{"id":"https://openalex.org/I92894754","display_name":"Leibniz Institute for High Performance Microelectronics","ror":"https://ror.org/0489gab80","country_code":"DE","type":"facility","lineage":["https://openalex.org/I315704651","https://openalex.org/I92894754"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Kai Lehniger","raw_affiliation_strings":["IHP - Leibniz-Institut f\u00f6r innovative Mikroelektronik, Frankfurt (Oder), Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IHP - Leibniz-Institut f\u00f6r innovative Mikroelektronik, Frankfurt (Oder), Germany","institution_ids":["https://openalex.org/I92894754"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111235693","display_name":"Peter Langend\u00f6rfer","orcid":null},"institutions":[{"id":"https://openalex.org/I51783024","display_name":"Brandenburg University of Technology Cottbus-Senftenberg","ror":"https://ror.org/02wxx3e24","country_code":"DE","type":"education","lineage":["https://openalex.org/I51783024"]},{"id":"https://openalex.org/I92894754","display_name":"Leibniz Institute for High Performance Microelectronics","ror":"https://ror.org/0489gab80","country_code":"DE","type":"facility","lineage":["https://openalex.org/I315704651","https://openalex.org/I92894754"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Peter Langendorfer","raw_affiliation_strings":["Brandenburgische Technische Universit\u00e4t Cottbus-Senftenberg, Cottbus, Germany","IHP - Leibniz-Institut f\u00f6r innovative Mikroelektronik, Frankfurt (Oder), Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Brandenburgische Technische Universit\u00e4t Cottbus-Senftenberg, Cottbus, Germany","institution_ids":["https://openalex.org/I51783024"]},{"raw_affiliation_string":"IHP - Leibniz-Institut f\u00f6r innovative Mikroelektronik, Frankfurt (Oder), Germany","institution_ids":["https://openalex.org/I92894754"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.4198,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.70820643,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9921000003814697,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8735854625701904},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.8137390613555908},{"id":"https://openalex.org/keywords/code-reuse","display_name":"Code reuse","score":0.6718583703041077},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.579102635383606},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.5724135041236877},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5582778453826904},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5344023108482361},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4654199779033661},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.46349501609802246},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.42330461740493774},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.33336204290390015},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18963390588760376}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8735854625701904},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.8137390613555908},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.6718583703041077},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.579102635383606},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.5724135041236877},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5582778453826904},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5344023108482361},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4654199779033661},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.46349501609802246},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.42330461740493774},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.33336204290390015},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18963390588760376},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csnet52717.2021.9614275","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csnet52717.2021.9614275","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 5th Cyber Security in Networking Conference (CSNet)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W2042627581","https://openalex.org/W2056324284","https://openalex.org/W2072407102","https://openalex.org/W2161740197","https://openalex.org/W2164215197","https://openalex.org/W2293825325","https://openalex.org/W2412733208","https://openalex.org/W2518400702","https://openalex.org/W2922469080","https://openalex.org/W2931372667","https://openalex.org/W2947506247","https://openalex.org/W2966979469","https://openalex.org/W3026606863","https://openalex.org/W3207696788","https://openalex.org/W6650149467","https://openalex.org/W6726065836"],"related_works":["https://openalex.org/W1995118279","https://openalex.org/W4240624848","https://openalex.org/W2182697532","https://openalex.org/W1544062218","https://openalex.org/W2154435823","https://openalex.org/W185550498","https://openalex.org/W2348203156","https://openalex.org/W2226868092","https://openalex.org/W2164928043","https://openalex.org/W1991166235"],"abstract_inverted_index":{"Code-reuse":[0],"attacks":[1,76],"pose":[2],"a":[3,47,58,137],"threat":[4],"to":[5,12,30,63,79,104,214],"embedded":[6],"devices":[7],"since":[8],"they":[9,126],"are":[10,119,127,210],"able":[11],"defeat":[13],"common":[14],"security":[15],"defenses":[16],"such":[17],"as":[18],"non-executable":[19],"stacks.":[20],"To":[21,197],"succeed":[22],"in":[23],"his":[24],"code-reuse":[25,75],"attack,":[26,201],"the":[27,38,41,65,69,97,106,115,147,156,179,185,193],"attacker":[28,86],"has":[29],"gain":[31,88],"knowledge":[32,89],"of":[33,37,40,46,57,68,90,92,155,173],"some":[34,91],"or":[35],"all":[36],"instructions":[39,67,94],"target":[42,70],"firmware/software.":[43],"In":[44],"case":[45],"bare-metal":[48],"firmware":[49],"that":[50,171,184,204],"is":[51,61],"protected":[52],"from":[53],"being":[54],"dumped":[55],"out":[56],"device,":[59],"it":[60,132],"hard":[62],"know":[64],"running":[66],"firmware.":[71],"This":[72,81],"consequently":[73],"makes":[74],"more":[77,190],"difficult":[78],"achieve.":[80],"paper":[82],"shows":[83,183],"how":[84,136],"an":[85],"can":[87,142,175],"these":[93,117],"by":[95,178],"sniffing":[96],"unencrypted":[98],"incremental":[99,150],"updates.":[100,151,196],"These":[101],"updates":[102,118,154,188],"exist":[103],"reduce":[105],"radio":[107],"reception":[108],"power":[109,207],"for":[110],"resource-constrained":[111],"devices.":[112],"Based":[113],"on":[114],"literature,":[116],"checked":[120],"against":[121,199],"authentication":[122],"and":[123,158],"integrity,":[124],"but":[125,212],"sometimes":[128],"sent":[129],"unencrypted.":[130],"Therefore,":[131],"will":[133,164],"be":[134,143,165,176,215],"demonstrated":[135],"Return-Oriented":[138],"Programming":[139],"(ROP)":[140],"attack":[141],"accomplished":[144],"using":[145],"only":[146],"passively":[148],"sniffed":[149],"The":[152,168],"generated":[153,187,195],"R3diff":[157,194],"Delta":[159],"Generator":[160],"(DG)":[161],"differencing":[162],"algorithms":[163],"under":[166],"assessment.":[167],"evaluation":[169],"reveals":[170],"both":[172],"them":[174],"exploited":[177],"attacker.":[180],"It":[181],"also":[182],"DG":[186],"leak":[189],"information":[191],"than":[192],"defend":[198],"this":[200],"different":[202,206],"countermeasures":[203],"consider":[205],"consumption":[208],"scenarios":[209],"proposed,":[211],"yet":[213],"evaluated.":[216]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}